1, security coding-Internet of Things developers should strictly follow the practice of security coding and regard it as an important part of the equipment software construction process. We focus on quality assurance and vulnerability identification/repair, and use this method to simplify the relevant protection work in the development life cycle and easily reduce potential risks.
2. Authentication and device identification-provide each device with a unique identity, and cooperate with the ideal security authentication mechanism, which will enable the device to have its own security connection capability, back-end control system and management console. If each device has its own unique identity, the enterprise will be able to know whether the identity claimed by the current communication device is true. In order to achieve this goal, we need to use personal device identification solutions, such as PKI.
3. Encryption-When using Internet of Things solutions, enterprises must encrypt the traffic between different devices and back-end servers. Ensure that each operation command is encrypted and its integrity is guaranteed by signature or strong coding. In addition, any sensitive user data collected by IOT devices should also be encrypted.